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DETAILED ACTION 

Examiner notes that no claims have been amended, added or canceled. Claims 
not explicitly addressed herein are found to be addressed within prior Office Action 
dated 7 October 2005 as reiterated herein below. 

Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-23 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
extensive consideration of US Patent Pub. US 2002/0169961 A1 to Stockwell. 

3. Regarding Claims 1, 13, 14 & 22, Stockwell discloses a method for controlling 
computer network access comprising the steps of: 

(a) initiating at a client computer a [first] communication session at a [first] 
network address, (Col. 5, lines 17-67 & Col. 6, lines 1-58); 

(b) receiving at the client computer via the [first] communication session a 
[second] network address, (Fig. 3; Col. 5, lines 17-67; Col. 6, lines 1-58; & 
Col. 11, lines 6-32), (Examiner notes that Stockwell clearly discloses both 
the warder authentication means as well as the side effect/redirect 
functionality to alternate machines/proxies & servers within an 
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internal/external network environment wherein it would have been obvious 
to be (re)directed to several proxy/servers for purposes of increased 
security and per rule criteria); 

(c) initiating at the client computer a [second] communication session at 
the [second] network address, wherein the [first and second] server 
computers are the same server computer, (per pending Claim 14), (Col. 5, 
lines 17-67; Col. 6, lines 1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; & Col. 
1 1 , lines 6-32), (Examiner notes that it would have been obvious to locate 
the authentication means, (i.e.: warder), anywhere within the network 
including the server responsible for the initial communication session 
especially wherein the network comprises a limited number of servers 
within a limited space, (i.e.: a school)); 

(d) receiving at the client computer via the [second] communication 
session an access configuration including a control setting for at least one 
communication protocol capable of being utilized during a [third] 
communication session, (Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 7, 
lines 34-67; Col. 8, lines 1-37; & Col. 11, lines 6-32), (Examiner notes that 
the ACL lists and queries clearly and obviously determine client computer 
access to communication protocols); 

(e) instantiating on the client computer a process which initiates a [third] 
communication session at a [third] network address, (Fig. 3; Col. 5, lines 
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17-67; Col. 6, lines 1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; & Col. 11, 
lines 6-32); and 

(f) in connection with the [third] communication session, controlling the 
conveyance of data at least one of to and/or from the process instantiated 
on the client computer based on the control setting for the one 
communication protocol, (Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 7, 
lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67), 
(Examiner notes that client network communication is obviously 
determined by the ACL rule set). 
4. Though Stockwell clearly teaches a redirection means between multiple entities 
on multiple networks, Stockwell does not specifically enumerate a first, second and third 
communication session at a respective network address. Examiner finds that it would 
have been obvious to one of ordinary skill in the art at the time of invention by Applicant 
to use any number of multiple servers to perform a task, (i.e.: authentication, access 
control or information acquisition), as specifically taught by Stockwell, (i.e.: initiation, 
authorization and redirection), which notes motivation in the need for a generalized 
security policy management system free of performance limitations, (Stockwell, Col. 3, 
lines 5-15). In other words, within a network system comprising multiple servers and 
multiple layers of access control, Stockwell teaches secured access throughout the 
network as implemented on multiple machines wherein it would have been obvious to 
create multiple communication sessions for added security and improved performance 
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purposes. Thus, Claims 1, 13, 14 & 22 are found to be unpatentable over considerable 
consideration of the teachings of Stockwell. 

5. Regarding Claims 2, 19 & 20, Stockwell is relied upon for those teachings noted 
herein. Stockwell further teaches access configuration inclusive of a list related to the 
control setting for the [one] communication protocol, and the conveyance of data via the 
[third] communication session is controlled based on an entry, (network address/redirect 
- per pending Claim 20), included in the list, (Fig. 5; Col. 5, lines 17-67; Col. 6, lines 1- 
58; Col. 7, lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67), 
(Examiner notes that all client network communication is obviously determined by the 
ACL rule set). Thus, Claims 2, 19 & 20 are found to be unpatentable over considerable 
consideration of the teachings of Stockwell. 

6. Regarding Claim 3, Stockwell is relied upon for those teachings noted herein. 
Stockwell further teaches wherein the one communication protocol includes one of: 
World Wide Web (Web); file transfer protocol (FTP); E-mail; News; Chat; Instant 
Messaging; Telnet; and Peer-to-peer, (Fig. 5; Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 

7. lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67). Thus, Claim 
3 is found to be unpatentable over considerable consideration of the teachings of 
Stockwell. 

7. Regarding Claim 4, Stockwell is relied upon for those teachings noted herein. 
Stockwell further teaches wherein the control setting is one of: unrestricted computer 
network access (Allow All); no computer network access (Block All); limited computer 
network access to network addresses included in an allow list (Allow Listed); and 
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unrestricted computer network access except to network addresses included in a block 
list (Block Listed), (Fig. 5; Col. 1, lines 65-67; Col. 2, lines 1-29; Col. 5, lines 17-67; Col. 
6, lines 1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 
1-67). Thus, Claim 4 is found to be unpatentable over considerable consideration of the 
teachings of StockwelL 

8. Regarding Claims 5, 6, 16 & 17, Stockwell is relied upon for those teachings 
noted herein. Stockwell further teaches wherein prior to receipt of the access 
configuration at the client computer, the control setting for the one communication 
protocol is obviously selected from a plurality of different control settings therefor, and 
each global control setting is obviously selected nonexclusively of any other global 
control settings, (per pending Claim 17), wherein the access configuration further 
includes at least one of the following global control settings: access prohibited to 
conveyed data including a predetermined word or phrase; access prohibited to data of 
at least one predetermined data type, (Internet cookie - per pending Claim 6), access 
prohibited to data conveyed during at least one of a predetermined time and day-of- 
week; and access prohibited based on a rating for a category included with the 
conveyed data; and step (f) further includes the step of controlling the conveyance of 
data at least one of: to and/or from the process instantiated on the client computer 
based on the at least one global control setting, (Fig. 5; Col. 5, lines 17-67; Col. 6, lines 
1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67), 
(Examiner notes that the use of a cookie data type would have been obvious within a 
system like Stockwell which clearly teaches a user authentication functionality, ACL lists 
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and comparison/access means, as a cookie is a well-known means by which data is 
stored for identification/relation purposes). Thus, Claims 5, 6, 16 & 17 are found to be 
unpatentable over considerable consideration of the teachings of Stockwell. 

9. Regarding Claims 7 & 15, Stockwell is relied upon for those teachings noted 
herein. Stockwell further teaches including at least one of: after step (b), the step of 
terminating the [first] communication session; and after step (d), the step of terminating 
the [second] communication session, (Fig. 5; Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 
7, lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67), (Examiner 
notes that it would have been obvious to terminate the communication sessions as new 
ones are created as Internet communication is well-known to be based upon the 
creation of paths for the purpose of a particular communication and then closing of the 
same, (i.e.: for reservation of bandwidth, etc.), unless specific means are available for 
allowing said path to remain open for bi-directional communication wherein the flow of 
data relies upon use of the same path). Thus, Claims 7 & 15 are found to be 
unpatentable over considerable consideration of the teachings of Stockwell. 

10. Regarding Claims 8, 18 & 23, Stockwell is relied upon for those teachings noted 
herein. Stockwell further teaches including the steps of: transmitting from the client 
computer via the [second] communication session a request to receive another access 
configuration including a control setting for the one communication protocol; receiving at 
the client computer via the [second] communication session the other access 
configuration; and performing step (f) based on the control setting included in the other 
access configuration, (Fig. 5; Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 7, lines 34-67; 
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Col. 8, lines 1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67), (Examiner notes that 
Stockwell clearly teaches a variable rule functionality wherein access to any number of 
multiple protocols would have been obvious to incorporate therein). Thus, Claims 8, 18 
& 23 are found to be unpatentable over considerable consideration of the teachings of 
Stockwell. 

1 1 . Regarding Claims 9 & 21 , Stockwell is relied upon for those teachings noted 
herein. Stockwell further teaches wherein step (f) further includes the steps of: 
determining from the conveyed data the communication protocol thereof; and 
determining from the thus determined communication protocol the control setting 
therefor, (Fig. 5; Col. 5, lines 17-67; Col. 6, lines 1-58; Coi. 7, lines 34-67; Col. 8, lines 
1-37; Col. 11, lines 6-67; & Col. 12, lines 1-67). Thus, Claims 9 & 21 are found to be 
unpatentable over considerable consideration of the teachings of Stockwell. 

12. Regarding Claim 10, Stockwell is relied upon for those teachings noted herein. 
Stockwell further teaches including the step of transferring at least part of the conveyed 
data to the [second] network address via the [second] communication session, (Fig. 5; 
Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; Col. 11, 
lines 6-67; & Col. 12, lines 1-67). Thus, Claim 10 is found to be unpatentable over 
considerable consideration of the teachings of Stockwell. 

13. Regarding Claim 1 1 , Stockwell is relied upon for those teachings noted herein. 
Stockwell further teaches wherein the transferred data includes at least one of the 
following: a network address, and a subject of the [third] communication session, (Fig. 
5; Col. 5, lines 17-67; Col. 6, lines 1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; Col. 11, 
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lines 6-67; & Col. 12, lines 1-67). Thus, Claim 1 1 is found to be unpatentable over 
considerable consideration of the teachings of Stockwell. 

14. Regarding Claim 12, Stockwell is relied upon for those teachings noted herein. 
Stockwell further teaches including the step of transferring with the data a login name 
received by the client computer during a login procedure by a user thereof, (Fig. 5; Col. 
5, lines 17-67; Col. 6, lines 1-58; Col. 7, lines 34-67; Col. 8, lines 1-37; Col. 11, lines 6- 
67; & Col. 12, lines 1-67). Thus, Claim 12 is found to be unpatentable over 
considerable consideration of the teachings of Stockwell. 

Response to Arguments 

15. Applicant's arguments filed 13 January 2006, have been fully considered but they 
are not persuasive. Applicant's arguments do not comply with 37 CFR 1 .1 1 1(c) 
because they do not clearly point out the patentable novelty which he or she thinks the 
claims present in view of the state of the art disclosed by the references cited or the 
objections made. 

16. Regarding Applicant's argument that Stockwell does not teach receipt of access 
configuration at the client computer, Examiner respectfully disagrees. Specifically, 
Examiner notes that not only could the firewall taught by Stockwell be incorporated into 
a client computer, Stockwell further teaches an authentication means utilizing proxies 
and warders, Figs. 1-3; Col. 5, lines 53-67; & Col. 6, lines 1-67). Additionally, Stockwell 
teaches a user authentication means, (Col. 6, lines 8-27), as well as an authentication 
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and redirection means, (Col. 8, lines 1-37 & Col. 11, lines 6-32), all of which clearly and 
obviously involve receipt of access configuration at a client computer. 

17. In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., "client computer/mobile client access without traversing a firewall " and "the use of 
a common/single network address for all computer 1 session initiations without the use 
of a firewall") are not recited in the rejected claim(s). Although the claims are 
interpreted in light of the specification, limitations from the specification are not read into 
the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

1 8. Regarding Applicant's argument that Stockwell does not teach communications 
between different network addresses, Examiner respectfully disagrees, noting Stockwell 
clearly teaches network communications via both static and dynamic IP addresses, (i.e.: 
DHCP - Col. 2, lines 47-67 & Col. 3, lines 1-4), which clearly and obviously reads upon 
communications between different network addresses. Further, as noted herein, within 
a system like that taught by Stockwell, three communication sessions would be an 
obvious number of communication sessions for a process involving initiation, 
authentication and redirection. 

19. Thus, Examiner has addressed Applicant's Amendment, and has further rejected 
all claims, as noted herein above. Accordingly, THIS ACTION IS MADE FINAL. See 
MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 
37 CFR 1.136(a). 
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20. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 



Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

US Patent US 6,880,089 B1 to Bommareddy. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Arrienne M. Lezak whose telephone number is (571)- 
272-3916. The examiner can normally be reached on M-F 8:30-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on (571)-272-3923. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Arrienne M. Lezak 

Examiner 
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